Hackrfi, is the first company in the Nordics focusing solely on bug bounty program management. The people behind the company are well known and experienced Finnish security professionals. We bring together top security researchers and organisations taking their security seriously.

Bug bounty programs organised with us include program rules compatible with the Finnish legislation as well as expert help in validating the incoming reports. With us you can focus on the security of your business and not get swamped in the details of launching the program, tailoring the rules and figuring out incomprehensible reports.

Traditional security testing, penetration tests

One or a couple of security experts with the aid of a automated scanners testing your services. Limited methods, limited time -- limited results.

Traditional testing

Next generation security testing - Bug Bounty

A group of security researchers combing through your systems for weaknesses. Many sets of eyes, lots of brain power, varied skills and experience -- more findings and better security!

Next generation testing - Bug Bounty

It's probable somebody has already tried the security oif your systems. Leverage the people that already test your services and reward them for responsible reporting of the issues with bug bounty prizes. With a well managed bug bounty program you can control the expense of security vulnerabilities by paying only for relevant vulnerabilityn reports all the while enhancing your security posture. Use the hacker community with Hackrfi before the criminal community uses you!

A bug bounty program organised with us is an easy and low maintenance way of making your security better. You get a well managed program and a set process, contacts to the security researcher and hacker community plus the help of our expert security professionals.

Penetration testing

In a traditional penetration testing, there is a set amount of effort available. In the worst case it's a routine test done by the same people with the same tools as the last time. It may be that the tests reveal no real issues, but you still pay for the test. In a bug bounty program you pay only for true security vulnerabilities.

Automated scanners

Traditional vulnerability scanners are recommended to weed out the obvious vulnerabilities and low hanging fruit -type of issues but no scanner can replace human brain in its ingenuity to combine information to create new and tailored attacks to break security controls. The hackers in the security researcher community bring wide ranging experience and expertise in testing the systems for vulnerabilities.

Bug bounties internally or with us

Of course you can create a bug bounty on your own, maybe leveraging the many platforms available. But that requires time and effort. Setting up the program, advertising it, taking in reports, validating and then evaluating them requires resources and experience. Hackrfi takes quite many of these tasks off your hands and lets you focus on evaluating the reports and getting the vulnerabilities fixed.

Do you want to become a bug bounty hunter?

Create an account to our reporting portal, where you can submit reports to open programs.